Phishing: ITs University Email Out-of-Date

Posted on: January 17, 2023 | By: aallred | Filed under: Phishing at Elon, Security Alerts

Type

Email

Subject

Email subject line: ITs

Content

This is a phishing email appearing to be from Elon University IT Service Desk. The email claims that email account settings are out-of-date and must be updated. Recipients are directed to a malicious link login with their Elon username and password (screenshots below for reference). Delete this email and do not click on the link. If you have already submitted the form, immediately reset your Elon Account password and alert the Technology Service Desk at (336) 278-5200.

 

Phishing messages often try to prompt user action through a false sense of urgency involving account maintenance or mailbox deletion.  Recent phishing attempts have introduced a prompt to accept MFA call notifications as well.  Elon strongly encourages the use of Duo push notifications to registered Duo devices over call prompts.  Delete the email if you feel it is not legitimate. Visit the Information Security website to learn more about recognizing phishing scams.

The content of the email is below.

Your UNIVERSITY EMAIL account settings are out-of-date.  To improve all student/faculty/staff account user experience, privacy policy update is required to avoid login interruption.  845.69 MB used.  At 1.3 GB you won’t be able to send mail.

Privacy Policy Action Required Now

Visit [link]

Note: To access your Outlook account for upgrade a notification call will come through your phone, kindly answer the call and then press 1 on your phone to continue.

 

Comments are closed.